fkie_cve-2025-38651
Vulnerability from fkie_nvd
Published
2025-08-22 16:15
Modified
2025-08-22 18:08
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests get_id_range() expects a positive value as first argument but get_random_u8() can return 0. Fix this by clamping it. Validated by running the test in a for loop for 1000 times. Note that MAX() is wrong as it is only supposed to be used for constants, but max() is good here. [..] ok 9 test_range2_rand1 [..] ok 10 test_range2_rand2 [..] ok 11 test_range2_rand15 [..] ------------[ cut here ]------------ [..] WARNING: CPU: 6 PID: 104 at security/landlock/id.c:99 test_range2_rand16 (security/landlock/id.c:99 (discriminator 1) security/landlock/id.c:234 (discriminator 1)) [..] Modules linked in: [..] CPU: 6 UID: 0 PID: 104 Comm: kunit_try_catch Tainted: G N 6.16.0-rc1-dev-00001-g314a2f98b65f #1 PREEMPT(undef) [..] Tainted: [N]=TEST [..] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [..] RIP: 0010:test_range2_rand16 (security/landlock/id.c:99 (discriminator 1) security/landlock/id.c:234 (discriminator 1)) [..] Code: 49 c7 c0 10 70 30 82 4c 89 ff 48 c7 c6 a0 63 1e 83 49 c7 45 a0 e0 63 1e 83 e8 3f 95 17 00 e9 1f ff ff ff 0f 0b e9 df fd ff ff <0f> 0b ba 01 00 00 00 e9 68 fe ff ff 49 89 45 a8 49 8d 4d a0 45 31 [..] RSP: 0000:ffff888104eb7c78 EFLAGS: 00010246 [..] RAX: 0000000000000000 RBX: 000000000870822c RCX: 0000000000000000 ^^^^^^^^^^^^^^^^ [..] [..] Call Trace: [..] [..] ---[ end trace 0000000000000000 ]--- [..] ok 12 test_range2_rand16 [..] # landlock_id: pass:12 fail:0 skip:0 total:12 [..] # Totals: pass:12 fail:0 skip:0 total:12 [..] ok 1 landlock_id [mic: Minor cosmetic improvements]
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/127183361b69dbb7ac3246ad4726f93400481249
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7d9ec2cfe12dd0d7c1a58213b9bef1bec66a3189
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/e0a69cf2c03e61bd8069becb97f66c173d0d1fa1
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Fix warning from KUnit tests\n\nget_id_range() expects a positive value as first argument but\nget_random_u8() can return 0.  Fix this by clamping it.\n\nValidated by running the test in a for loop for 1000 times.\n\nNote that MAX() is wrong as it is only supposed to be used for\nconstants, but max() is good here.\n\n  [..]     ok 9 test_range2_rand1\n  [..]     ok 10 test_range2_rand2\n  [..]     ok 11 test_range2_rand15\n  [..] ------------[ cut here ]------------\n  [..] WARNING: CPU: 6 PID: 104 at security/landlock/id.c:99 test_range2_rand16 (security/landlock/id.c:99 (discriminator 1) security/landlock/id.c:234 (discriminator 1))\n  [..] Modules linked in:\n  [..] CPU: 6 UID: 0 PID: 104 Comm: kunit_try_catch Tainted: G                 N  6.16.0-rc1-dev-00001-g314a2f98b65f #1 PREEMPT(undef)\n  [..] Tainted: [N]=TEST\n  [..] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n  [..] RIP: 0010:test_range2_rand16 (security/landlock/id.c:99 (discriminator 1) security/landlock/id.c:234 (discriminator 1))\n  [..] Code: 49 c7 c0 10 70 30 82 4c 89 ff 48 c7 c6 a0 63 1e 83 49 c7 45 a0 e0 63 1e 83 e8 3f 95 17 00 e9 1f ff ff ff 0f 0b e9 df fd ff ff \u003c0f\u003e 0b ba 01 00 00 00 e9 68 fe ff ff 49 89 45 a8 49 8d 4d a0 45 31\n\n  [..] RSP: 0000:ffff888104eb7c78 EFLAGS: 00010246\n  [..] RAX: 0000000000000000 RBX: 000000000870822c RCX: 0000000000000000\n            ^^^^^^^^^^^^^^^^\n  [..]\n  [..] Call Trace:\n  [..]\n  [..] ---[ end trace 0000000000000000 ]---\n  [..]     ok 12 test_range2_rand16\n  [..] # landlock_id: pass:12 fail:0 skip:0 total:12\n  [..] # Totals: pass:12 fail:0 skip:0 total:12\n  [..] ok 1 landlock_id\n\n[mic: Minor cosmetic improvements]"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: landlock: Se corrige la advertencia de las pruebas de KUnit: get_id_range() espera un valor positivo como primer argumento, pero get_random_u8() puede devolver 0. Se corrige mediante la fijaci\u00f3n de valores. Se valid\u00f3 ejecutando la prueba en un bucle for 1000 veces. Tenga en cuenta que MAX() es incorrecto, ya que solo se supone que debe usarse para constantes, pero max() es adecuado en este caso. [..] ok 9 test_range2_rand1 [..] ok 10 test_range2_rand2 [..] ok 11 test_range2_rand15 [..] ------------[ cortar aqu\u00ed ]------------ [..] ADVERTENCIA: CPU: 6 PID: 104 en security/landlock/id.c:99 test_range2_rand16 (security/landlock/id.c:99 (discriminador 1) security/landlock/id.c:234 (discriminador 1)) [..] M\u00f3dulos vinculados en: [..] CPU: 6 UID: 0 PID: 104 Comm: kunit_try_catch Contaminado: GN 6.16.0-rc1-dev-00001-g314a2f98b65f #1 PREEMPT(undef) [..] Contaminado: [N]=TEST [..] Nombre del hardware: PC est\u00e1ndar QEMU (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 01/04/2014 [..] RIP: 0010:test_range2_rand16 (security/landlock/id.c:99 (discriminator 1) security/landlock/id.c:234 (discriminator 1)) [..] C\u00f3digo: 49 c7 c0 10 70 30 82 4c 89 ff 48 c7 c6 a0 63 1e 83 49 c7 45 a0 e0 63 1e 83 e8 3f 95 17 00 e9 1f ff ff ff 0f 0b e9 df fd ff ff \u0026lt;0f\u0026gt; 0b ba 01 00 00 00 e9 68 fe ff ff 49 89 45 a8 49 8d 4d a0 45 31 [..] RSP: 0000:ffff888104eb7c78 EFLAGS: 00010246 [..] RAX: 0000000000000000 RBX: 000000000870822c RCX: 0000000000000000 ^^^^^^^^^^^^^^^^^^ [..] [..] Rastreo de llamadas: [..] [..] ---[ fin de rastreo 000000000000000 ]--- [..] ok 12 test_range2_rand16 [..] # landlock_id: pass:12 fail:0 skip:0 total:12 [..] # Totales: pasa:12 falla:0 salta:0 total:12 [..] ok 1 landlock_id [mic: Mejoras cosm\u00e9ticas menores]"
    }
  ],
  "id": "CVE-2025-38651",
  "lastModified": "2025-08-22T18:08:51.663",
  "metrics": {},
  "published": "2025-08-22T16:15:39.907",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/127183361b69dbb7ac3246ad4726f93400481249"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/7d9ec2cfe12dd0d7c1a58213b9bef1bec66a3189"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/e0a69cf2c03e61bd8069becb97f66c173d0d1fa1"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.